//! 测试被动扫描功能的简单程序

use good_mitm_passive_scan_simple::{HttpEvent, PassiveScanEngine, Severity};
use std::collections::HashMap;
use http::{Method, Uri};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    // 初始化日志
    env_logger::init();

    println!("🔍 测试Good-MITM被动扫描引擎");

    // 创建扫描引擎
    let scan_engine = PassiveScanEngine::new();
    println!("✅ 被动扫描引擎创建成功");

    // 等待规则加载完成
    tokio::time::sleep(tokio::time::Duration::from_millis(100)).await;

    // 测试密码泄露检测
    println!("\n🧪 测试1: 密码泄露检测");
    let mut headers = HashMap::new();
    headers.insert("content-type".to_string(), "application/json".to_string());

    let password_event = HttpEvent::new_response(
        200,
        headers,
        r#"{"user": "admin", "password": "secret123"}"#.to_string(),
        "https://example.com/api/users".to_string(),
        "POST".to_string(),
    );

    let results = scan_engine.process_event(password_event).await?;
    println!("发现 {} 个安全问题:", results.len());
    for result in &results {
        println!("  - {}: {}", result.title, result.url);
    }

    // 测试API密钥泄露
    println!("\n🧪 测试2: API密钥泄露检测");
    let mut headers2 = HashMap::new();
    headers2.insert("content-type".to_string(), "application/json".to_string());

    let api_key_event = HttpEvent::new_response(
        200,
        headers2,
        r#"{"api_key": "sk_live_1234567890abcdef", "user": "test"}"#.to_string(),
        "https://api.example.com/config".to_string(),
        "GET".to_string(),
    );

    let results2 = scan_engine.process_event(api_key_event).await?;
    println!("发现 {} 个安全问题:", results2.len());
    for result in &results2 {
        println!("  - {}: {}", result.title, result.url);
    }

    // 测试SQL错误
    println!("\n🧪 测试3: SQL错误检测");
    let mut headers3 = HashMap::new();
    headers3.insert("content-type".to_string(), "text/html".to_string());

    let sql_error_event = HttpEvent::new_response(
        500,
        headers3,
        r#"<html>Error: SQL syntax near 'SELECT * FROM users'<br>MySQL server error</html>"#.to_string(),
        "https://example.com/search".to_string(),
        "GET".to_string(),
    );

    let results3 = scan_engine.process_event(sql_error_event).await?;
    println!("发现 {} 个安全问题:", results3.len());
    for result in &results3 {
        println!("  - {}: {}", result.title, result.url);
    }

    // 测试去重功能
    println!("\n🧪 测试4: 去重功能");
    let duplicate_event = HttpEvent::new_response(
        200,
        headers,
        r#"{"user": "admin", "password": "secret123"}"#.to_string(),
        "https://example.com/api/users".to_string(),
        "POST".to_string(),
    );

    let results4 = scan_engine.process_event(duplicate_event).await?;
    println!("重复事件处理结果: {} 个问题 (应该为0)", results4.len());

    // 获取统计信息
    println!("\n📊 扫描统计:");
    let stats = scan_engine.get_stats().await;
    println!("  总问题数: {}", stats.total_results);
    for (severity, count) in stats.results_by_severity {
        println!("  {}: {} 个", format!("{:?}", severity), count);
    }

    // 获取所有结果
    println!("\n📋 所有扫描结果:");
    let all_results = scan_engine.get_results().await;
    for (i, result) in all_results.iter().enumerate() {
        println!("{}. {} ({})", i + 1, result.title, format!("{:?}", result.severity));
        println!("   URL: {}", result.url);
        println!("   证据: {}", result.evidence);
        println!();
    }

    println!("🎉 被动扫描引擎测试完成！");
    Ok(())
}